Skip to main content
CVE-2022-35156 CRITICAL POC Act Now

Bus Pass Management System 1.0 was discovered to contain a SQL Injection vulnerability via the searchdata parameter at /buspassms/download-pass.php.. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Bus Pass Management System
NVD Exploit-DB VulDB
CVSS 3.1
9.8
EPSS
1.3%
CVE-2022-40944 CRITICAL POC Act Now

Dairy Farm Shop Management System 1.0 is vulnerable to SQL Injection via sales-report-ds.php file. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Dairy Farm Shop Management System
NVD GitHub
CVSS 3.1
9.8
EPSS
1.1%
CVE-2022-40943 CRITICAL Act Now

Dairy Farm Shop Management System 1.0 is vulnerable to SQL Injection via bwdate-report-ds.php file. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

PHP SQLi Dairy Farm Shop Management System
NVD GitHub
CVSS 3.1
9.8
EPSS
1.0%
CVE-2022-40315 CRITICAL PATCH Act Now

A limited SQL injection risk was identified in the "browse list of users" site administration page. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

SQLi Moodle Extra Packages For Enterprise Linux Fedora
NVD
CVSS 3.1
9.8
EPSS
0.9%
CVE-2022-40314 CRITICAL PATCH Act Now

A remote code execution risk when restoring backup files originating from Moodle 1.9 was identified. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Deserialization of Untrusted Data vulnerability could allow attackers to execute arbitrary code through malicious serialized objects.

RCE Deserialization Moodle
NVD
CVSS 3.1
9.8
EPSS
1.6%
CVE-2022-2778 CRITICAL PATCH Act Now

In affected versions of Octopus Deploy it is possible to bypass rate limiting on login using null bytes. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Octopus Server
NVD
CVSS 3.1
9.8
EPSS
0.7%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy